You’ve heard the horror stories. Companies losing huge sums of money to “phishing scams” and little old ladies being coerced into sending a dethroned prince thousands of dollars worth of gift cards.
Don’t be one of them. Here are some quick tips for identifying phishing scams:
Phishing emails, texts, and calls claim to be from a company you know and trust.
- Look closely at the email address, URL, or the caller ID that contacted you. Does it seem legit? Check for spelling changes like a dropped letter. If the URL in the email address seems suspicious (i.e. lots of top-level domains, .com/.ca/.io) or a contains a spelling mistake, give that company a quick Google and find their website and see if the two match up.
- How do they address you? Your bank knows how to spell your first name. If you see any errors or issues with the salutation in an email that should set of a major red flag.
A good rule to follow is that if it doesn’t look legit, it probably isn’t. Real companies with real reputations (banks, telecommunications, etc.) have very clear and official website URLs. The emails will almost certainly written by a professional and won’t include any major grammatical or spelling errors.
Phishermen will tell you a story to trick you into clicking on a link or opening an attachment.
- For example, maybe you get an email from Google, a social media platform, or (and this is very bold) from your IT provider. They say that they have noticed some suspicious activity or log-in attempts.
- It’s common for phishing attempts to use a telecommunications company, bank, or a service that you pay a recurring bill to. They’ll claim there is a problem with your account or payment information and ask you to click a link to resolve it. DON’T. You may get a text or an email saying that you were charged too much on your last bill. All you have to do is click a link and you’ll get your money back (how tempting!).